CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 3CVE-2024-3007 – Tenda FH1205 NatStaticSetting fromNatStaticSetting stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3007
A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7(775). This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/blkph0x/CVE_2024_30078_POC_WIFI https://github.com/kvx07/CVE_2024_30078_A_POC https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromNatStaticSetting.md https://vuldb.com/?ctiid.258293 https://vuldb.com/?id.258293 https://vuldb.com/?submit.301486 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3006 – Tenda FH1205 fromRouteStatic fromSetRouteStatic stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3006
A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7(775). This vulnerability affects the function fromSetRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument entrys leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromRouteStatic.md https://vuldb.com/?ctiid.258292 https://vuldb.com/?id.258292 https://vuldb.com/?submit.301485 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 1CVE-2023-38933
https://notcve.org/view.php?id=CVE-2023-38933
Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetClientState/README.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2023-38934
https://notcve.org/view.php?id=CVE-2023-38934
Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetDeviceName/README.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2023-38940
https://notcve.org/view.php?id=CVE-2023-38940
Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. • https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/form_fast_setting_wifi_set • CWE-787: Out-of-bounds Write •